soar_auditing_provider_api 0.8.0

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml ADDED
@@ -0,0 +1,7 @@
1
+ ---
2
+ SHA1:
3
+ metadata.gz: 129f7530981c838d82f5d4df7ec4bceec5f888e2
4
+ data.tar.gz: 8cd72a7b979eac9895936a3e3b9537a89e743476
5
+ SHA512:
6
+ metadata.gz: f247e6185716ccd657f6205f7941a3a49f8aee55d01dcb1d2b53453d6b6c3c1da4f408d1dbaff70d31a6473398061d37957f95af50355e07b517ee92ed09452a
7
+ data.tar.gz: f425413a555d07ceb92b5348ac23fe5f84b195b2d44c60bd90be0cf0aeec85a8b7f49ba39819279c0b62d3e6b1c73d66f3e02c648527eb132e4eda61314a29c2
data/.gitignore ADDED
@@ -0,0 +1,11 @@
1
+ /.bundle/
2
+ /.yardoc
3
+ /Gemfile.lock
4
+ /_yardoc/
5
+ /coverage/
6
+ /doc/
7
+ /pkg/
8
+ /spec/reports/
9
+ /tmp/
10
+ .byebug_history
11
+ *.gem
data/.rspec ADDED
@@ -0,0 +1,2 @@
1
+ --format documentation
2
+ --color
data/.ruby-gemset ADDED
@@ -0,0 +1 @@
1
+ soar_auditing_provider_api
data/.ruby-version ADDED
@@ -0,0 +1 @@
1
+ ruby-2.2
data/.travis.yml ADDED
@@ -0,0 +1,4 @@
1
+ language: ruby
2
+ rvm:
3
+ - 2.2.2
4
+ before_install: gem install bundler -v 1.11.2
data/Gemfile ADDED
@@ -0,0 +1,4 @@
1
+ source 'https://rubygems.org'
2
+
3
+ # Specify your gem's dependencies in soar_auditing_provider.gemspec
4
+ gemspec
data/LICENSE.txt ADDED
@@ -0,0 +1,21 @@
1
+ The MIT License (MIT)
2
+
3
+ Copyright (c) 2016 Ernst Van Graan
4
+
5
+ Permission is hereby granted, free of charge, to any person obtaining a copy
6
+ of this software and associated documentation files (the "Software"), to deal
7
+ in the Software without restriction, including without limitation the rights
8
+ to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
9
+ copies of the Software, and to permit persons to whom the Software is
10
+ furnished to do so, subject to the following conditions:
11
+
12
+ The above copyright notice and this permission notice shall be included in
13
+ all copies or substantial portions of the Software.
14
+
15
+ THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
16
+ IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
17
+ FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
18
+ AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
19
+ LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
20
+ OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
21
+ THE SOFTWARE.
data/README.md ADDED
@@ -0,0 +1,127 @@
1
+ # SoarAuditingProvider
2
+
3
+ This gem provides the auditing API that audit providers for the SOAR architecture should adhere to.
4
+
5
+ Providers are initialized with a list of auditors (already configured) and their configurations, which include the NFRs they support (key: 'nfrs'), and is responsible for selecting an auditor given a set of NFRs. Such selection is made by calling the select(nfrs) method. The auditing API as set out below then delegates auditing actions to the selected auditor.
6
+
7
+ The API provides default delegation behaviour that calls the API methods verbatim on the auditor. NFRs can be anything you want. You can ask the auditing provider to select an auditor based on a set of NFRs. The default behaviour is that the first auditor which matches all NFRs exactly is returned. You can override this behaviour by overriding the select(nfrs) method.
8
+
9
+ If you'd simply like the auditing provider to use the first (perhaps only?) auditor that it knows about, you can tell it to select DEFAULT so:
10
+
11
+ auditor = auditing_provider.select(SoarAuditingProvider::AuditingProviderAPI::DEFAULT)
12
+
13
+ ## Installation
14
+
15
+ Add this line to your application's Gemfile:
16
+
17
+ ```ruby
18
+ gem 'soar_auditing_provider'
19
+ ```
20
+
21
+ And then execute:
22
+
23
+ $ bundle
24
+
25
+ Or install it yourself as:
26
+
27
+ $ gem install soar_auditing_provider
28
+
29
+ ## Testing
30
+
31
+ Run the rspec test tests:
32
+
33
+ $ bundle exec rspec -cfd spec
34
+
35
+ ## Usage
36
+
37
+ Extend the SoarAuditingProvider::AuditingProviderAPI to create a new auditing provider, or instantiate the API directly for an out-of-the-box auditing provider with default behaviour.
38
+
39
+ ```
40
+ class MyAuditingProvider < SoarAuditingProvider::AuditingProviderAPI
41
+ end
42
+ ```
43
+
44
+ or
45
+
46
+ ```
47
+ auditor_provider = SoarAuditingProvider::AuditingProviderAPI.new(auditors)
48
+ ```
49
+
50
+ Initialize the provider so:
51
+
52
+ ```
53
+ auditor = MyAuditor.new
54
+ auditor_nfrs = { 'nfrs' => { 'accessibility' => 'local' }, 'privacy' => 'not encrypted' }
55
+ @iut = MyAuditingProvider.new( { auditor => auditor_nfrs } )
56
+ ```
57
+
58
+ Select an auditor and audit using the API methods. The auditing provider remembers your selection, e.g.:
59
+
60
+ ```
61
+ @iut.select( {'accessibility' => 'local' })
62
+ @iut.info("This is info")
63
+ @iut.debug(some_debug_object)
64
+ @iut.warn("Statistics show that dropped packets have increased to #{dropped}%")
65
+ @iut.error("Could not resend some dropped packets. They have been lost. All is still OK, I could compensate")
66
+ @iut.fatal("Unable to perform action, too many dropped packets. Functional degradation.")
67
+ @iut << 'Rack::CommonLogger requires this'
68
+ ```
69
+
70
+ Alternatively, to use different auditors for different sets of NFRs in the same code, do as below. The auditing provider remembers the last auditor selected.
71
+
72
+ ```
73
+ auditor_A = @iut.select( {'my nfr 1' => 'criteria 1' })
74
+ auditor_B = @iut.select( {'my nfr 2' => 'criteria 2' })
75
+
76
+ auditor_A.debug('debug')
77
+ auditor_B.warn('warn')
78
+
79
+ @iut.error('error') # Uses auditor_B since it was selected last
80
+ ```
81
+
82
+ The API also supports appending as below, enabling support, e.g. for Rack::CommonLogger, etc.:
83
+
84
+ ```
85
+ <<
86
+ ```
87
+
88
+ ## Detailed example
89
+
90
+ ```
91
+ require 'log4r'
92
+ require 'soar_auditing_provider'
93
+
94
+ class Main
95
+ include Log4r
96
+
97
+ def test_sanity
98
+ auditor = Logger.new 'sanity'
99
+ auditor.outputters = Outputter.stdout
100
+ @iut = SoarAuditingProvider::AuditingProviderAPI.new( { auditor => { 'nfrs' => {'accessibility' => 'local'} } } )
101
+ @iut.select(SoarAuditingProvider::AuditingProviderAPI::DEFAULT)
102
+ some_debug_object = 123
103
+ @iut.info("This is info")
104
+ @iut.debug(some_debug_object)
105
+ dropped = 95
106
+ @iut.warn("Statistics show that dropped packets have increased to #{dropped}%")
107
+ @iut.error("Could not resend some dropped packets. They have been lost. All is still OK, I could compensate")
108
+ @iut.fatal("Unable to perform action, too many dropped packets. Functional degradation.")
109
+ @iut << 'Rack::CommonLogger requires this'
110
+ end
111
+ end
112
+
113
+ main = Main.new
114
+ main.test_sanity
115
+ ```
116
+
117
+ ## Contributing
118
+
119
+ Bug reports and feature requests are welcome by email to ernst dot van dot graan at hetzner dot co dot za. This gem is sponsored by Hetzner (Pty) Ltd (http://hetzner.co.za)
120
+
121
+ ## Notes
122
+
123
+ Though out of scope for the provider, auditors should take into account encoding, serialization, and other NFRs.
124
+
125
+ ## License
126
+
127
+ The gem is available as open source under the terms of the [MIT License](http://opensource.org/licenses/MIT).
data/Rakefile ADDED
@@ -0,0 +1,6 @@
1
+ require "bundler/gem_tasks"
2
+ require "rspec/core/rake_task"
3
+
4
+ RSpec::Core::RakeTask.new(:spec)
5
+
6
+ task :default => :spec
data/bin/console ADDED
@@ -0,0 +1,14 @@
1
+ #!/usr/bin/env ruby
2
+
3
+ require "bundler/setup"
4
+ require "soar_auditing_provider_api"
5
+
6
+ # You can add fixtures and/or initialization code here to make experimenting
7
+ # with your gem easier. You can also use a different console, if you like.
8
+
9
+ # (If you use this, don't forget to add pry to your Gemfile!)
10
+ # require "pry"
11
+ # Pry.start
12
+
13
+ require "irb"
14
+ IRB.start
data/bin/setup ADDED
@@ -0,0 +1,8 @@
1
+ #!/usr/bin/env bash
2
+ set -euo pipefail
3
+ IFS=$'\n\t'
4
+ set -vx
5
+
6
+ bundle install
7
+
8
+ # Do any other automated setup that you need to do here
@@ -0,0 +1,61 @@
1
+ module SoarAuditingProvider
2
+ class AuditingProviderAPI
3
+ DEFAULT = {} unless defined? DEFAULT; DEFAULT.freeze
4
+
5
+ attr_accessor :auditors
6
+ attr_accessor :auditor
7
+
8
+ def initialize(auditors)
9
+ raise ArgumentError.new("Invalid auditors provided") if not auditors.is_a?(Hash)
10
+ raise ArgumentError.new("No auditors provided") if auditors.nil? or auditors.empty?
11
+ @auditors = auditors
12
+ end
13
+
14
+ def debug(data)
15
+ @auditor.debug(data)
16
+ end
17
+
18
+ def <<(data)
19
+ @auditor.info(data)
20
+ end
21
+
22
+ def info(data)
23
+ @auditor.info(data)
24
+ end
25
+
26
+ def error(data)
27
+ @auditor.error(data)
28
+ end
29
+
30
+ def warn(data)
31
+ @auditor.warn(data)
32
+ end
33
+
34
+ def fatal(data)
35
+ @auditor.fatal(data)
36
+ end
37
+
38
+ def select(nfrs = DEFAULT)
39
+ if nfrs.nil? or nfrs.empty?
40
+ auditor_selected = auditors.keys.first
41
+ else
42
+ auditor_selected = nil
43
+ auditors.each do |auditor, configuration|
44
+ auditor_nfrs = configuration['nfrs']
45
+ nfrs_matched = true
46
+ nfrs.each do |nfr, value|
47
+ nfrs_matched = false if not auditor_nfrs[nfr] or (auditor_nfrs[nfr] != value)
48
+ end
49
+ if nfrs_matched
50
+ auditor_selected = auditor
51
+ break
52
+ end
53
+ end
54
+ raise NFRMatchError.new("Could not match NFRs to an auditor") if auditor_selected.nil?
55
+ end
56
+ configuration = auditors[auditor_selected]
57
+ @auditor = auditor_selected
58
+ return @auditor, configuration
59
+ end
60
+ end
61
+ end
@@ -0,0 +1,4 @@
1
+ module SoarAuditingProvider
2
+ class NFRMatchError < StandardError
3
+ end
4
+ end
@@ -0,0 +1,3 @@
1
+ module SoarAuditingProvider
2
+ VERSION = "0.8.0"
3
+ end
@@ -0,0 +1,6 @@
1
+ require "soar_auditing_provider_api/version"
2
+ require 'soar_auditing_provider_api/auditing_provider_api'
3
+ require 'soar_auditing_provider_api/nfr_match_error'
4
+
5
+ module SoarAuditingProvider
6
+ end
data/sanity/.gitignore ADDED
@@ -0,0 +1,11 @@
1
+ /.bundle/
2
+ /.yardoc
3
+ /Gemfile.lock
4
+ /_yardoc/
5
+ /coverage/
6
+ /doc/
7
+ /pkg/
8
+ /spec/reports/
9
+ /tmp/
10
+ .byebug_history
11
+ *.gem
@@ -0,0 +1 @@
1
+ sanity
@@ -0,0 +1 @@
1
+ ruby-2.2
data/sanity/Gemfile ADDED
@@ -0,0 +1,4 @@
1
+ source 'https://rubygems.org'
2
+
3
+ gem 'log4r'
4
+ gem 'soar_auditing_provider_api', :path => "../"
data/sanity/sanity.rb ADDED
@@ -0,0 +1,24 @@
1
+ require 'log4r'
2
+ require 'soar_auditing_provider_api'
3
+
4
+ class Main
5
+ include Log4r
6
+
7
+ def test_sanity
8
+ auditor = Logger.new 'sanity'
9
+ auditor.outputters = Outputter.stdout
10
+ @iut = SoarAuditingProvider::AuditingProviderAPI.new( { auditor => { 'nfrs' => {'accessibility' => 'local'} } } )
11
+ @iut.select(SoarAuditingProvider::AuditingProviderAPI::DEFAULT)
12
+ some_debug_object = 123
13
+ @iut.info("This is info")
14
+ @iut.debug(some_debug_object)
15
+ dropped = 95
16
+ @iut.warn("Statistics show that dropped packets have increased to #{dropped}%")
17
+ @iut.error("Could not resend some dropped packets. They have been lost. All is still OK, I could compensate")
18
+ @iut.fatal("Unable to perform action, too many dropped packets. Functional degradation.")
19
+ @iut << 'Rack::CommonLogger requires this'
20
+ end
21
+ end
22
+
23
+ main = Main.new
24
+ main.test_sanity
@@ -0,0 +1,25 @@
1
+ # coding: utf-8
2
+ lib = File.expand_path('../lib', __FILE__)
3
+ $LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
4
+ require 'soar_auditing_provider_api/version'
5
+
6
+ Gem::Specification.new do |spec|
7
+ spec.name = "soar_auditing_provider_api"
8
+ spec.version = SoarAuditingProvider::VERSION
9
+ spec.authors = ["Ernst Van Graan"]
10
+ spec.email = ["ernst.van.graan@hetzner.co.za"]
11
+
12
+ spec.summary = %q{API for SOAR architecture auditing}
13
+ spec.description = %q{API for SOAR architecture auditing}
14
+ spec.license = "MIT"
15
+
16
+ spec.files = `git ls-files -z`.split("\x0").reject { |f| f.match(%r{^(test|spec|features)/}) }
17
+ spec.bindir = "exe"
18
+ spec.executables = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
19
+ spec.require_paths = ["lib"]
20
+
21
+ spec.add_development_dependency "bundler", "~> 1.11"
22
+ spec.add_development_dependency "rake", "~> 10.0"
23
+ spec.add_development_dependency "rspec", "~> 3.0"
24
+ spec.add_development_dependency "byebug"
25
+ end
metadata ADDED
@@ -0,0 +1,121 @@
1
+ --- !ruby/object:Gem::Specification
2
+ name: soar_auditing_provider_api
3
+ version: !ruby/object:Gem::Version
4
+ version: 0.8.0
5
+ platform: ruby
6
+ authors:
7
+ - Ernst Van Graan
8
+ autorequire:
9
+ bindir: exe
10
+ cert_chain: []
11
+ date: 2016-07-27 00:00:00.000000000 Z
12
+ dependencies:
13
+ - !ruby/object:Gem::Dependency
14
+ name: bundler
15
+ requirement: !ruby/object:Gem::Requirement
16
+ requirements:
17
+ - - "~>"
18
+ - !ruby/object:Gem::Version
19
+ version: '1.11'
20
+ type: :development
21
+ prerelease: false
22
+ version_requirements: !ruby/object:Gem::Requirement
23
+ requirements:
24
+ - - "~>"
25
+ - !ruby/object:Gem::Version
26
+ version: '1.11'
27
+ - !ruby/object:Gem::Dependency
28
+ name: rake
29
+ requirement: !ruby/object:Gem::Requirement
30
+ requirements:
31
+ - - "~>"
32
+ - !ruby/object:Gem::Version
33
+ version: '10.0'
34
+ type: :development
35
+ prerelease: false
36
+ version_requirements: !ruby/object:Gem::Requirement
37
+ requirements:
38
+ - - "~>"
39
+ - !ruby/object:Gem::Version
40
+ version: '10.0'
41
+ - !ruby/object:Gem::Dependency
42
+ name: rspec
43
+ requirement: !ruby/object:Gem::Requirement
44
+ requirements:
45
+ - - "~>"
46
+ - !ruby/object:Gem::Version
47
+ version: '3.0'
48
+ type: :development
49
+ prerelease: false
50
+ version_requirements: !ruby/object:Gem::Requirement
51
+ requirements:
52
+ - - "~>"
53
+ - !ruby/object:Gem::Version
54
+ version: '3.0'
55
+ - !ruby/object:Gem::Dependency
56
+ name: byebug
57
+ requirement: !ruby/object:Gem::Requirement
58
+ requirements:
59
+ - - ">="
60
+ - !ruby/object:Gem::Version
61
+ version: '0'
62
+ type: :development
63
+ prerelease: false
64
+ version_requirements: !ruby/object:Gem::Requirement
65
+ requirements:
66
+ - - ">="
67
+ - !ruby/object:Gem::Version
68
+ version: '0'
69
+ description: API for SOAR architecture auditing
70
+ email:
71
+ - ernst.van.graan@hetzner.co.za
72
+ executables: []
73
+ extensions: []
74
+ extra_rdoc_files: []
75
+ files:
76
+ - ".gitignore"
77
+ - ".rspec"
78
+ - ".ruby-gemset"
79
+ - ".ruby-version"
80
+ - ".travis.yml"
81
+ - Gemfile
82
+ - LICENSE.txt
83
+ - README.md
84
+ - Rakefile
85
+ - bin/console
86
+ - bin/setup
87
+ - lib/soar_auditing_provider_api.rb
88
+ - lib/soar_auditing_provider_api/auditing_provider_api.rb
89
+ - lib/soar_auditing_provider_api/nfr_match_error.rb
90
+ - lib/soar_auditing_provider_api/version.rb
91
+ - sanity/.gitignore
92
+ - sanity/.ruby-gemset
93
+ - sanity/.ruby-version
94
+ - sanity/Gemfile
95
+ - sanity/sanity.rb
96
+ - soar_auditing_provider_api.gemspec
97
+ homepage:
98
+ licenses:
99
+ - MIT
100
+ metadata: {}
101
+ post_install_message:
102
+ rdoc_options: []
103
+ require_paths:
104
+ - lib
105
+ required_ruby_version: !ruby/object:Gem::Requirement
106
+ requirements:
107
+ - - ">="
108
+ - !ruby/object:Gem::Version
109
+ version: '0'
110
+ required_rubygems_version: !ruby/object:Gem::Requirement
111
+ requirements:
112
+ - - ">="
113
+ - !ruby/object:Gem::Version
114
+ version: '0'
115
+ requirements: []
116
+ rubyforge_project:
117
+ rubygems_version: 2.4.8
118
+ signing_key:
119
+ specification_version: 4
120
+ summary: API for SOAR architecture auditing
121
+ test_files: []